Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

WEBINAR:On-Demand

Ransomware attacks continue to rise, and U.S. computer users are getting hit the most according to an analysis released by security firm Malwarebytes on Dec. 8.

The company analyzed the telemetry sent from its software running on customers systems between June 1 and October 15, finding hundreds of thousands of ransomware attacks. More than 26 percent of attacks targeted users in the United States, compared to less than 9 percent targeting German users and about 4 percent targeting people in France, the No. 2 and No. 3 most popular targets.

“Throughout the whole year, ransomware has been the dominant problem. It has just kept growing,” Adam Kujawa, director of malware intelligence for Malwarebytes, told eWEEK.

Kujawa said that 2016 is undoubtedly the year when ransomware took off, becoming the most significant Internet threat.

Further reading

Other companies’ research agrees. In its year-end report, security firm Kaspersky Lab found 62 new families of ransomware had hit the internet in 2016, leading to roughly double the number of incidents per user. At the beginning of the year, Kaspersky’s user population encountered ransomware once every 20 seconds, and by the end of the year, that had dropped to once every 10 seconds.

Yet, governments and companies have begun pushing back. In July, four organizations—including Intel Security, Kaspersky and Europol—banded together to create a common resource for those affected by ransomware. Called No More Ransom, the group provides descriptions of the various ransomware families and help for those hit by ransomware attacks.

Malwarebytes and Kaspersky designated different families of malware as the most popular ransomware variants. The Cerber malware topped Malwarebytes’ list, with 38 percent of attacks using that ransomware version, while Kaspersky found CTB-Locker made up 25 percent of the ransomware detected by its product.

There are also signs that link several families of ransomware to Russia. When Cerber first runs, for example, the malware checks whether it is running from an internet address assigned to Russia. If the computer is connected to a network in Russia, or a former Soviet republic, the program will not run.

Malwarebytes also found that users in city of Las Vegas and nearby Henderson, NV, encountered the most ransomware, but that the Rust Belt had the greatest number of cities in the Top-10, including Memphis, TN, and Toledo, Cleveland and Columbus, OH.

Malwarebytes did not account for the distribution of its users in the national numbers, but did normalize for population when determining the most targeted cities.

Kaspersky found that the number of modifications to ransomware variants increased by more than 11-fold in 2016, as the malware authors tried to stay ahead of security firms’ software. In addition, the number of copycats increased as well. Because ransomware is difficult to create properly, knock-off programs—also known as ‘skiddie’ ransomware—are less likely to be able to decrypt a victim’s files, Kaspersky said.

“As the popularity continues to rise and a lesser grade of criminal decides to enter the space, we are likely to encounter more and more ‘ransomware’ that lacks the quality assurance or general coding capability to actually uphold this promise,” the company said. “We expect ‘skiddie’ ransomware to lock away files or system access or simply delete the files, trick the victim into paying the ransom and provide nothing in return.”

Advertiser Disclosure:
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.